CVE-2025-12247

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hasleo Backup Suite versions prior to 5.3

Description A weakness exists in Hasleo Backup Suite up to version 5.2, specifically within the HasleoImageMountService/HasleoBackupSuiteService component. This issue stems from an unquoted search path, allowing for potential local exploitation. The exploitability is considered difficult, and the exploit has been publicly released. The issue impacts an unknown function within the component.

Recommendations Upgrade the affected component to a version prior to 5.3.

Exploit

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-428CWE-426

Related Identifiers

CVE-2025-12247

Affected Products

Hasleo Backup Suite

CVE-2025-12247

Weakness Enumeration

Related Identifiers

Affected Products

References · 10